Credit Card Security

All billing for Payboy subscriptions are handled through Stripe.
Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification.
Stripe is trusted by thousands of small and large companies to power commerce for their business.
Your sensitive credit card information therefore never reaches Payboy servers, and is handled by trusted,
specialists in credit card security. The billing process is fully PCI compliant.

Secure Communications

All communications with Payboy is done through HTTPS/TLS, so you can be confident that any data
transfer to and from Payboy is secure from eavesdropping or tampering. Our SSL certificates use 2048-bit keys and
are signed with the state of the art SHA-256 encryption algorithm.

Database Security

All data within Payboy is encrypted at rest. This means that our server and database hard disks
are encrypted using the industry standard AES-256 encryption algorithm, and your data is secure not only during
transfer, but also when idle or shut down.

Ultra-Reliable Backups

Your data is backed up at an unprecedented hourly rate unlike competing services which
maintain only daily or weekly backups. Furthermore, your backups are stored in a replicated and encrypted
(AES-256) fashion, so that there are always redundant, yet secure copies of your data at multiple physical
locations.

Strict Chain of Custody

Payboy maintains a strict chain of custody when accessing databases, servers and internal systems. None
of your company's and employees' information is ever unnecessarily exposed to our staff and none of our
technical support staff have any access to our servers.
Only our engineering team has access to backend servers on a need-to-use basis.

Need to Report a Security Vulnerability?

Responsible Disclosure

We would like to keep Payboy safe and secure for everyone. If you have discovered a security vulnerability,
we would greatly appreciate your help in disclosing it to us in a responsible manner.

Publicly disclosing a vulnerability can put all Payboy users at risk. If you have discovered a possible
vulnerability, we would greatly appreciate you emailing us at
security@payboy.biz.
We will work with you to assess and understand the scope of the issue and fully address any concerns.
Any emails are immediately sent to our engineering team to ensure that issues are addressed rapidly.
Any security emails are treated with the highest priority as the safety and security of our service is
our primary concern.